class InstructorsController < ApplicationController
  
  before_filter :login_required
  
  # solo el director (y admin) puede hacer delete
  require_role 'director', :only=>[:delete, :restore]
  
  # solo el admin puede hacer destroy
  require_role 'admin', :only=>[:destroy]

  def index
    store_location
    list
    render :action => 'list'
  end

  # GETs should be safe (see http://www.w3.org/2001/tag/doc/whenToUseGet.html)
  verify :method => :post, :only => [ :destroy, :create, :update ],
         :redirect_to => { :action => :list }

  def list
    store_location
    @actuales=Instructor.find_not_deleted(:all)
    @eliminados=Instructor.find_deleted(:all)
    @instructors = @actuales + @eliminados
  end

  def show
    store_location
    @instructor = Instructor.find(params[:id])
    @alumnos = @instructor.alumnos.find(:all, :order=>'nombres, apellidos')
  end

  def new
    @instructor = Instructor.new
  end

  def create
    @instructor = Instructor.new(params[:instructor])
    if @instructor.save
      flash[:success] = 'Instructor was successfully created.'
      redirect_to :action => 'list'
    else
      render :action => 'new'
    end
  end

  def edit
    @instructor = Instructor.find(params[:id])
  end

  def update
    @instructor = Instructor.find(params[:id])
    if @instructor.update_attributes(params[:instructor])
      flash[:success] = 'Instructor was successfully updated.'
      redirect_back_or_default :action => 'show', :id => @instructor
    else
      render :action => 'edit'
    end
  end

  def delete
    i=Instructor.find(params[:id])
    i.deleted=true
    i.save
    redirect_back_or_default :action => 'list'
  end

  def restore
    i=Instructor.find(params[:id])
    i.deleted=false
    i.save
    redirect_back_or_default :action => 'list'
  end

  def destroy
    Instructor.find(params[:id]).destroy
    redirect_back_or_default :action => 'list'
  end
end
